Cybersecurity and Data Science

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: closed (31 May 2022) | Viewed by 52553

Printed Edition Available!
A printed edition of this Special Issue is available here.

Special Issue Editor


Guest Editor
Institute of Telecommunications, Warsaw University of Technology, 00-665 Warszawa, Poland
Interests: cybersecurity; digital forensics; steganography; anomaly detection

Special Issue Information

This Special Issue is devoted to promoting the latest research in cybersecurity and data science. Digital transformation turns data into the new oil. The increasing availability of big data, structured and unstructured datasets, raises new challenges in cybersecurity, efficient data processing and knowledge extraction. The field of cybersecurity and data science fuels the data-driven economy. Innovations in this field require strong foundations in mathematics, statistics, machine learning and information security. 

The unprecedented increase in the availability of data in many fields of science and technology (e.g., genomic data, data from industrial environments, sensory data of smart cities, and social network data) asks for new methods and solutions for data processing, information extraction and decision support. This stimulates the development of new methods of data analysis, including those adapted to the analysis of new data structures and the growing volume of data.

Prof. Dr. Krzysztof Szczypiorski
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Cybersecurity:
    • automated safety management systems
    • non-repudiation systems, including blockchain-based
    • data protection using machine learning
    • detection of unknown attacks on ICT systems using big data and fast data algorithms
    • post-quantum cryptography
  • BioMed Data Science:
    • bioinformatics
    • biostatistics
    • computational medicine
  • Big and Stream Data Science:
    • big data
    • distributed storage
    • batch and stream analytics (smart city, genomics)
  • Advanced Machine Learning:
    • statistical learning methods
    • interpretable and explainable predictive models
    • clustering
    • classification and data fusion
  • Mathematical Foundations for Data Science:
    • mathematical foundations of data modeling and analysis
    • statistics and probability
    • graphs and networks
    • soft computing

Published Papers (16 papers)


Editorial


4 pages, 184 KiB  
Editorial
Cybersecurity and Data Science
by Krzysztof Szczypiorski
Electronics 2022, 11(15), 2309; https://doi.org/10.3390/electronics11152309 - 25 Jul 2022
Cited by 2 | Viewed by 1701
Abstract
Towards the end of the Cold War in 1985, in reference to the theory of leadership for the first time, in the book ‘Leaders: The Strategies For Taking Charge’ by Warren Bennis and Burt Nanus [...] Full article
(This article belongs to the Special Issue Cybersecurity and Data Science)

Research


18 pages, 3520 KiB  
Article
Simulation of Authentication in Information-Processing Electronic Devices Based on Poisson Pulse Sequence Generators
by Volodymyr Maksymovych, Elena Nyemkova, Connie Justice, Mariia Shabatura, Oleh Harasymchuk, Yuriy Lakh and Morika Rusynko
Electronics 2022, 11(13), 2039; https://doi.org/10.3390/electronics11132039 - 29 Jun 2022
Cited by 6 | Viewed by 1302
Abstract
Poisson pulse sequence generators are quite well studied, have good statistical properties, are implemented both in software and hardware, but have not yet been used for the purpose of authentication. The work was devoted to modeling authenticators of information-processing electronic devices by creating a bit template simulator based on a Poisson pulse sequence generator (PPSG). The generated templates imitated an important property of real bit templates, which reflected the physical uniqueness of electronic devices, namely Hamming distances between arbitrary template pairs for the same device were much smaller than the distance between arbitrary template pairs for two different devices. The limits of the control code values were determined by setting the range of the average frequency values of the output pulse sequence with the Poisson distribution law. The specified parameters of the output pulse sequence were obtained due to the optimization of the parameters of the PPSG structural elements. A combination of pseudo-random sequences with the control code’s different values formed the bit template. The comparison of the Hamming distance between the standard and real-time templates with a given threshold value was used as a validation mechanism. The simulation experiment results confirmed the unambiguous authentication of devices. The simulation results also showed similarities with the real data obtained for the bit templates of personal computers’ own noise. The proposed model could be used for improving the cybersecurity of a corporate network as an additional factor in the authentication of information-processing electronic devices for which the measurement of noise with the required accuracy is not possible or significantly difficult. Full article

16 pages, 580 KiB  
Article
Threat Matrix: A Fast Algorithm for Human–Machine Chinese Ludo Gaming
by Fuji Han and Man Zhou
Electronics 2022, 11(11), 1699; https://doi.org/10.3390/electronics11111699 - 26 May 2022
Cited by 2 | Viewed by 2163
Abstract
Chinese Ludo, also known as Aeroplan Chess, has been a very popular board game for several decades. However, there is no mature algorithm existing for human–machine gambling. The major challenge is the high randomness of the dice rolls, where the algorithm must ensure that the machine is smarter than a human in order to guarantee that the owner of the game machines makes a profit. This paper presents a fast Chinese Ludo algorithm (named “Threat Matrix”) that we have recently developed. Unlike most chess programs, which rely on high performance computing machines, the evaluation function in our program is only a linear sum of four factors. For fast and low-cost computation, we innovatively construct the concept of the threat matrix, by which we can easily obtain the threat between any two dice on any two positions. The threat matrix approach greatly reduces the required amount of calculations, enabling the program to run on a 32-bit 80 × 86 SCM with a 100 MHz CPU while supporting a recursive algorithm to search plies. Statistics compiled from matches against human game players show that our threat matrix has an average win rate of 92% with no time limit, 95% with a time limit of 10 s, and 98% with a time limit of 5 s. Furthermore, the threat matrix can reduce the computation cost by nearly 90% compared to real-time computing; memory consumption drops and is stable, which increases the evaluation speed by 58% compared to real-time computing. Full article

25 pages, 5385 KiB  
Article
An Exploratory Study of Cognitive Sciences Applied to Cybersecurity
by Roberto O. Andrade, Walter Fuertes, María Cazares, Iván Ortiz-Garcés and Gustavo Navas
Electronics 2022, 11(11), 1692; https://doi.org/10.3390/electronics11111692 - 26 May 2022
Cited by 3 | Viewed by 2571
Abstract
Cognitive security is the interception between cognitive science and artificial intelligence techniques used to protect institutions against cyberattacks. However, this field has not been addressed deeply in research. This study aims to define a Cognitive Cybersecurity Model by exploring fundamental concepts for applying cognitive sciences in cybersecurity. For achieving this, we developed exploratory research based on two steps: (1) a text mining process to identify main interest areas of research in the cybersecurity field and (2) a valuable review of the papers chosen in a systematic literature review that was carried out using PRISMA methodology. The model we propose tries to fill the gap in automatizing cognitive science without taking into account the users’ learning processes. Its definition is supported by the main findings of the literature review, as it leads to more in-depth future studies in this area. Full article

19 pages, 1586 KiB  
Article
Comparison of Hash Functions for Network Traffic Acquisition Using a Hardware-Accelerated Probe
by Mateusz Korona, Paweł Szumełda, Mariusz Rawski and Artur Janicki
Electronics 2022, 11(11), 1688; https://doi.org/10.3390/electronics11111688 - 25 May 2022
Cited by 1 | Viewed by 1930
Abstract
In this article we address the problem of efficient and secure monitoring of computer network traffic. We proposed, implemented, and tested a hardware-accelerated implementation of a network probe, using the DE5-Net FPGA development platform. We showed that even when using a cryptographic SHA-3 hash function, the probe uses less than 17% of the available FPGA resources, offering a throughput of over 20 Gbit/s. We have also researched the problem of choosing an optimal hash function to be used in a network probe for addressing network flows in a flow cache. In our work we compared five 32-bit hash functions, including two cryptographic ones: SHA-1 and SHA-3. We ran a series of experiments with various hash functions, using traffic replayed from the CICIDS 2017 dataset. We showed that SHA-1 and SHA-3 provide flow distributions as uniform as the ones offered by the modified Vermont hash function proposed in 2008 (i.e., with low means and standard deviations of the bucket occupation), yet assuring higher security against potential attacks on a network probe. Full article

14 pages, 662 KiB  
Article
Detection of Image Steganography Using Deep Learning and Ensemble Classifiers
by Mikołaj Płachta, Marek Krzemień, Krzysztof Szczypiorski and Artur Janicki
Electronics 2022, 11(10), 1565; https://doi.org/10.3390/electronics11101565 - 13 May 2022
Cited by 16 | Viewed by 6818
Abstract
In this article, the problem of detecting JPEG images, which have been steganographically manipulated, is discussed. The performance of employing various shallow and deep learning algorithms in image steganography detection is analyzed. The data, images from the BOSS database, were used with information hidden using three popular steganographic algorithms: JPEG universal wavelet relative distortion (J-Uniward), nsF5, and uniform embedding revisited distortion (UERD) at two density levels. Various feature spaces were verified, with the discrete cosine transform residuals (DCTR) and the Gabor filter residuals (GFR) yielding best results. Almost perfect detection was achieved for the nsF5 algorithm at 0.4 bpnzac density (99.9% accuracy), while the detection of J-Uniward at 0.1 bpnzac density turned out to be hardly possible (max. 56.3% accuracy). The ensemble classifiers turned out to be an encouraging alternative to deep learning-based detection methods. Full article

19 pages, 6428 KiB  
Article
BrainShield: A Hybrid Machine Learning-Based Malware Detection Model for Android Devices
by Corentin Rodrigo, Samuel Pierre, Ronald Beaubrun and Franjieh El Khoury
Electronics 2021, 10(23), 2948; https://doi.org/10.3390/electronics10232948 - 26 Nov 2021
Cited by 11 | Viewed by 2434
Abstract
Android has become the leading operating system for mobile devices, and the most targeted one by malware. Therefore, many analysis methods have been proposed for detecting Android malware. However, few of them use proper datasets for evaluation. In this paper, we propose BrainShield, a hybrid malware detection model trained on the Omnidroid dataset to reduce attacks on Android devices. The latter is the most diversified dataset in terms of the number of different features, and contains the largest number of samples, 22,000 samples, for model evaluation in the Android malware detection field. BrainShield’s implementation is based on a client/server architecture and consists of three fully connected neural networks: (1) the first is used for static analysis and reaches an accuracy of 92.9% trained on 840 static features; (2) the second is a dynamic neural network that reaches an accuracy of 81.1% trained on 3722 dynamic features; and (3) the third neural network proposed is hybrid, reaching an accuracy of 91.1% trained on 7081 static and dynamic features. Simulation results show that BrainShield is able to improve the accuracy and the precision of well-known malware detection methods. Full article

10 pages, 1315 KiB  
Article
A New Approach to the Development of Additive Fibonacci Generators Based on Prime Numbers
by Volodymyr Maksymovych, Oleh Harasymchuk, Mikolaj Karpinski, Mariia Shabatura, Daniel Jancarczyk and Krzysztof Kajstura
Electronics 2021, 10(23), 2912; https://doi.org/10.3390/electronics10232912 - 24 Nov 2021
Cited by 6 | Viewed by 1628
Abstract
Pseudorandom number and bit sequence generators are widely used in cybersecurity, measurement, and other technology fields. A special place among such generators is occupied by additive Fibonacci generators (AFG). By itself, such a generator is not cryptographically strong. Nevertheless, when used as a primary it can be quite resistant to cryptanalysis generators. This paper proposes a modification to AFG, the essence of which is to use prime numbers as modules of recurrent equations describing the operation of generators. This modification made it possible to ensure the constancy of the repetition period of the output pseudorandom pulse sequence in the entire range of possible values of the initial settings–keys (seed) at specific values of the module. In addition, it has proposed a new generator scheme, which consists of two generators: the first of which is based on a modified AFG and the second is based on a linear feedback shift register (LFSR). The output pulses of both generators are combined through a logic element XOR. The results of the experiment show that the specific values of modules provide a constant repetition period of the output pseudorandom pulse sequence in a whole range of possible values of the initial settings–keys (seed) and provide all the requirements of the NIST test to statistical characteristics of the sequence. Modified AFGs are designed primarily for hardware implementation, which allows them to provide high performance. Full article

22 pages, 465 KiB  
Article
Dataset Generation for Development of Multi-Node Cyber Threat Detection Systems
by Jędrzej Bieniasz and Krzysztof Szczypiorski
Electronics 2021, 10(21), 2711; https://doi.org/10.3390/electronics10212711 - 07 Nov 2021
Cited by 3 | Viewed by 2679
Abstract
This paper presents a new approach to generate datasets for cyber threat research in a multi-node system. For this purpose, the proof-of-concept of such a system is implemented. The system will be used to collect unique datasets with examples of information hiding techniques. These techniques are not present in publicly available cyber threat detection datasets, while the cyber threats that use them represent an emerging cyber defense challenge worldwide. The network data were collected thanks to the development of a dedicated application that automatically generates random network configurations and runs scenarios of information hiding techniques. The generated datasets were used in the data-driven research workflow for cyber threat detection, including the generation of data representations (network flows), feature selection based on correlations, data augmentation of training datasets, and preparation of machine learning classifiers based on Random Forest and Multilayer Perceptron architectures. The presented results show the usefulness and correctness of the design process to detect information hiding techniques. The challenges and research directions to detect cyber deception methods are discussed in general in the paper. Full article

23 pages, 402 KiB  
Article
A Method for Fast Selection of Machine-Learning Classifiers for Spam Filtering
by Sylwia Rapacz, Piotr Chołda and Marek Natkaniec
Electronics 2021, 10(17), 2083; https://doi.org/10.3390/electronics10172083 - 27 Aug 2021
Cited by 14 | Viewed by 3442
Abstract
The paper elaborates on how text analysis influences classification—a key part of the spam-filtering process. The authors propose a multistage meta-algorithm for checking classifier performance. As a result, the algorithm allows for the fast selection of the best-performing classifiers as well as for the analysis of higher-dimensionality data. The last aspect is especially important when analyzing large datasets. The approach of cross-validation between different datasets for supervised learning is applied in the meta-algorithm. Three machine-learning methods allowing a user to classify e-mails as desirable (ham) or potentially harmful (spam) messages were compared in the paper to illustrate the operation of the meta-algorithm. The used methods are simple, but as the results showed, they are powerful enough. We use the following classifiers: k-nearest neighbours (k-NNs), support vector machines (SVM), and the naïve Bayes classifier (NB). The conducted research gave us the conclusion that multinomial naïve Bayes classifier can be an excellent weapon in the fight against the constantly increasing amount of spam messages. It was also confirmed that the proposed solution gives very accurate results. Full article

18 pages, 4603 KiB  
Article
Analysis and Implementation of Threat Agents Profiles in Semi-Automated Manner for a Network Traffic in Real-Time Information Environment
by Gaurav Sharma, Stilianos Vidalis, Catherine Menon, Niharika Anand and Somesh Kumar
Electronics 2021, 10(15), 1849; https://doi.org/10.3390/electronics10151849 - 31 Jul 2021
Cited by 6 | Viewed by 2534
Abstract
Threat assessment is the continuous process of monitoring the threats identified in the network of the real-time informational environment of an organisation and the business of the companies. The sagacity and security assurance for the system of an organisation and company’s business seem to need that information security exercise to unambiguously and effectively handle the threat agent’s attacks. How is this unambiguous and effective way in the present-day state of information security practice working? Given the prevalence of threats in the modern information environment, it is essential to guarantee the security of national information infrastructure. However, the existing models and methodology are not addressing the attributes of threats like motivation, opportunity, and capability (C, M, O), and the critical threat intelligence (CTI) feed to the threat agents during the penetration process is ineffective, due to which security assurance arises for an organisation and the business of companies. This paper proposes a semi-automatic information security model, which can deal with situational awareness data, strategies prevailing information security activities, and protocols monitoring specific types of the network next to the real-time information environment. This paper looks over analyses and implements the threat assessment of network traffic in one particular real-time informational environment. To achieve this, we determined various unique attributes of threat agents from the Packet Capture Application Programming Interface (PCAP files/DataStream) collected from the network between the years 2012 and 2019. We used hypothetical and real-world examples of a threat agent to evaluate the three different factors of threat agents, i.e., Motivation, Opportunity, and Capability (M, O, C). 
Based on this, we also designed and determined the threat profiles, critical threat intelligence (CTI), and complexity of threat agents that are not addressed or covered in the existing threat agent taxonomies models and methodologies. Full article

32 pages, 1919 KiB  
Article
Discussion on IoT Security Recommendations against the State-of-the-Art Solutions
by Marta Chmiel, Mateusz Korona, Fryderyk Kozioł, Krzysztof Szczypiorski and Mariusz Rawski
Electronics 2021, 10(15), 1814; https://doi.org/10.3390/electronics10151814 - 28 Jul 2021
Cited by 6 | Viewed by 4274
Abstract
The Internet of Things (IoT) is an emerging concept comprising a wide ecosystem of interconnected devices and services. These technologies collect, exchange and process data in order to dynamically adapt to a specific context. IoT is tightly bound to cyber-physical systems and, in this respect, has relevant security implications. A need for IoT security guidelines was identified by the industry in the early 2010s. While numerous institutions across the globe have proposed recommendations with a goal to help developers, distributors and users to ensure a secure IoT infrastructure, a strict set of regulations for IoT security is yet to be established. In this paper, we aim to provide an overview of security guidelines for IoT proposed by various organizations, and evaluate some of the existing technologies applied to ensure IoT security against these guidelines. We gathered recommendations proposed by selected government organizations, international associations and advisory groups, and compiled them into a set of the most common and important considerations, divided into eight categories. Then we chose a number of representative examples from IoT security technologies and evaluated them against these criteria. While none of the examined solutions fulfill all recommendations on their own, the existing technologies introduced by those solutions could be combined to create a design framework which satisfies all the requirements of a secure IoT device. Further research on this matter could be beneficial. To the best of our knowledge, this is the first comprehensive survey to evaluate different security technologies for IoT device security against the compilation of criteria based on existing guidelines. Full article

10 pages, 664 KiB  
Article
Multi-Language Spam/Phishing Classification by Email Body Text: Toward Automated Security Incident Investigation
by Justinas Rastenis, Simona Ramanauskaitė, Ivan Suzdalev, Kornelija Tunaitytė, Justinas Janulevičius and Antanas Čenys
Electronics 2021, 10(6), 668; https://doi.org/10.3390/electronics10060668 - 12 Mar 2021
Cited by 22 | Viewed by 5946
Abstract
Spamming and phishing are two types of emailing that are annoying and unwanted, differing by the potential threat and impact to the user. Automated classification of these categories can increase the users’ awareness as well as to be used for incident investigation prioritization or automated fact gathering. However, currently there are no scientific papers focusing on email classification concerning these two categories of spam and phishing emails. Therefore this paper presents a solution, based on email message body text automated classification into spam and phishing emails. We apply the proposed solution for email classification, written in three languages: English, Russian, and Lithuanian. As most public email datasets almost exclusively collect English emails, we investigate the suitability of automated dataset translation to adapt it to email classification, written in other languages. Experiments on public dataset usage limitations for a specific organization are executed in this paper to evaluate the need of dataset updates for more accurate classification results. Full article

21 pages, 5462 KiB  
Article
A Wireless Covert Channel Based on Dirty Constellation with Phase Drift
by Krystian Grzesiak, Zbigniew Piotrowski and Jan M. Kelner
Electronics 2021, 10(6), 647; https://doi.org/10.3390/electronics10060647 - 11 Mar 2021
Cited by 10 | Viewed by 2755
Abstract
Modern telecommunications systems require the use of various transmission techniques, which are either open or hidden. The open transmission system uses various security techniques against its unauthorized reception, and cryptographic solutions ensure the highest security. In the case of hidden transmissions, steganographic techniques are used, which are based on the so-called covert channels. In this case, the transparency and stealth of the transmission ensure its security against being picked up by an unauthorized user. These covert channels can be implemented in multimedia content, network protocols, or physical layer transmissions. This paper focuses on wireless covert channels. We present a novel method of steganographic transmission which is based on phase drift in phase-shift keying or quadrature amplitude modulation (QAM) and is included in the so-called dirty constellation techniques. The proposed approach is based on the drift correction modulation method, which was previously used in the watermarking of audio-signals. The developed solution is characterized by a variable bit rate, which can be adapted to the used modulation type and transmission conditions occurring in radio channels. In the paper, we present the method of generating and receiving hidden information, simulation research, and practical implementation of the proposed solution using the software-defined radio platform for selected QAM. Full article

14 pages, 3003 KiB  
Article
Multilayer Detection of Network Steganography
by Milosz Smolarczyk, Krzysztof Szczypiorski and Jakub Pawluk
Electronics 2020, 9(12), 2128; https://doi.org/10.3390/electronics9122128 - 12 Dec 2020
Cited by 11 | Viewed by 2897
Abstract
This paper presents a new method for steganography detection in network protocols. The method is based on a multilayer approach for the selective analysis of derived and aggregated metrics utilizing machine learning algorithms. The main objective is to provide steganalysis capability for networks with large numbers of devices and connections. We discuss considerations for performance analysis and present results. We also describe a means of applying our method for multilayer detection of a popular RSTEG (Retransmission Steganography) technique. Full article

Other


35 pages, 1007 KiB  
Systematic Review
Data Transformation Schemes for CNN-Based Network Traffic Analysis: A Survey
by Jacek Krupski, Waldemar Graniszewski and Marcin Iwanowski
Electronics 2021, 10(16), 2042; https://doi.org/10.3390/electronics10162042 - 23 Aug 2021
Cited by 16 | Viewed by 5025
Abstract
The enormous growth of services and data transmitted over the internet, the bloodstream of modern civilization, has caused a remarkable increase in cyber attack threats. This fact has forced the development of methods of preventing attacks. Among them, an important and constantly growing role is that of machine learning (ML) approaches. Convolutional neural networks (CNN) belong to the hottest ML techniques that have gained popularity, thanks to the rapid growth of computing power available. Thus, it is no wonder that these techniques have started to also be applied in the network traffic classification domain. This has resulted in a constant increase in the number of scientific papers describing various approaches to CNN-based traffic analysis. This paper is a survey of them, prepared with particular emphasis on a crucial but often disregarded aspect of this topic—the data transformation schemes. Their importance is a consequence of the fact that network traffic data and machine learning data have totally different structures. The former is a time series of values—consecutive bytes of the datastream. The latter, in turn, are one-, two- or even three-dimensional data samples of fixed lengths/sizes. In this paper, we introduce a taxonomy of data transformation schemes. Next, we use this categorization to describe various CNN-based analytical approaches found in the literature. Full article